AuthorTopic: Lock Down Your Router! (Read 13217 times)

Indiana University, in conjunction with Symantec, published a technical report on Drive-By Pharming. Basically, this type of phishing involves hackers using default passwords on routers via malicious Javascript to hijack a router and change the DNS cache in the router. The effect would be to point users to fake web sites.

Note that the report has not yet been published. I would take this one seriously, as Linux boxes can likely be used to mess up a router via malicious sites. The bottom line is to lock down your router by changing the default password on it.

While you are on the topic of router insecurity, a more serious problem has been reported when just about any router that uses UPNP could be compromised by a flash attack, and that regardless of the operating system. It exploits the lack of authentication with UPNP. You can look it up on "The register" a UK newsletter. Quite interesting.